From a3be0289286c43d8656052217457d9162261ba90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Philip=20H=C3=A4usler?=
Date: Thu, 2 Jun 2011 00:48:29 +0200
Subject: [PATCH] rewrite
---
includes/UserCVS.php | 4 +-
includes/footer.php | 2 +-
includes/pages/guest_credits.php | 5 +
includes/pages/guest_faq.php | 21 ++
includes/pages/guest_login.php | 250 +++++++++++++++++++
includes/pages/guest_start.php | 13 +
includes/sys_auth.php | 47 ++++
includes/{funktion_lang.php => sys_lang.php} | 1 -
includes/sys_menu.php | 72 ++++++
includes/sys_mysql.php | 61 +++++
includes/sys_page.php | 9 +
includes/sys_template.php | 17 ++
templates/guest_credits.html | 12 +
templates/guest_login_form.html | 22 ++
templates/layout.html | 42 ++++
www-ssl/credits.php | 18 --
www-ssl/css/base.css | 18 +-
www-ssl/index.php | 74 +++++-
18 files changed, 656 insertions(+), 32 deletions(-)
create mode 100644 includes/pages/guest_credits.php
create mode 100644 includes/pages/guest_faq.php
create mode 100644 includes/pages/guest_login.php
create mode 100644 includes/pages/guest_start.php
create mode 100644 includes/sys_auth.php
rename includes/{funktion_lang.php => sys_lang.php} (81%)
create mode 100644 includes/sys_menu.php
create mode 100644 includes/sys_mysql.php
create mode 100644 includes/sys_page.php
create mode 100644 includes/sys_template.php
create mode 100644 templates/guest_credits.html
create mode 100644 templates/guest_login_form.html
create mode 100644 templates/layout.html
delete mode 100644 www-ssl/credits.php
diff --git a/includes/UserCVS.php b/includes/UserCVS.php
index 98a4fec7..b7fb412c 100644
--- a/includes/UserCVS.php
+++ b/includes/UserCVS.php
@@ -20,8 +20,8 @@
}
// pagename ermitteln
- $Page["Name"] = basename($_SERVER['PHP_SELF']);
-// $Page["Name"] = str_replace($ENGEL_ROOT, '', $_SERVER['PHP_SELF']);
+// $Page["Name"] = basename($_SERVER['PHP_SELF']);
+ $Page["Name"] = str_replace($ENGEL_ROOT, '', $_SERVER['PHP_SELF']);
//recht fuer diese seite auslesen
if(isset($_SESSION['CVS'][$Page["Name"]]))
diff --git a/includes/footer.php b/includes/footer.php
index 8e5b35b9..fdf00581 100644
--- a/includes/footer.php
+++ b/includes/footer.php
@@ -4,7 +4,7 @@
diff --git a/includes/pages/guest_credits.php b/includes/pages/guest_credits.php
new file mode 100644
index 00000000..89f68fde
--- /dev/null
+++ b/includes/pages/guest_credits.php
@@ -0,0 +1,5 @@
+
\ No newline at end of file
diff --git a/includes/pages/guest_faq.php b/includes/pages/guest_faq.php
new file mode 100644
index 00000000..6b5eeeeb
--- /dev/null
+++ b/includes/pages/guest_faq.php
@@ -0,0 +1,21 @@
+', $faq['Frage']);
+ list ($antwort_de, $antwort_en) = explode('
', $faq['Antwort']);
+ $html .= "";
+ if ($_SESSION['Sprache'] == "DE") {
+ $html .= "- " . $frage_de . "
";
+ $html .= "- " . $antwort_de . "
";
+ } else {
+ $html .= "- " . $frage_en . "
";
+ $html .= "- " . $antwort_en . "
";
+ }
+ $html .= "
";
+ }
+ return $html;
+}
+?>
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
new file mode 100644
index 00000000..76a473df
--- /dev/null
+++ b/includes/pages/guest_login.php
@@ -0,0 +1,250 @@
+ 0) $error = Get_Text("makeuser_error_nick1") . $_POST["Nick"] . Get_Text("makeuser_error_nick3");
+ elseif (strlen($_POST["email"]) <= 6 && strstr($_POST["email"], "@") == FALSE && strstr($_POST["email"], ".") == false) $error = Get_Text("makeuser_error_mail");
+ elseif (!is_numeric($_POST["Alter"])) $error = Get_Text("makeuser_error_Alter");
+ elseif ($_POST["Passwort"] != $_POST["Passwort2"]) $error = Get_Text("makeuser_error_password1");
+ elseif (strlen($_POST["Passwort"]) < 6) $error = Get_Text("makeuser_error_password2");
+ else {
+ $_POST["Passwort"] = PassCrypt($_POST["Passwort"]);
+ unset ($_POST["Passwort2"]);
+
+ $Erg = sql_query("INSERT INTO `User` (" .
+ "`Nick` , " . "`Name` , " .
+ "`Vorname`, " . "`Alter` , " .
+ "`Telefon`, " . "`DECT`, " .
+ "`Handy`, " . "`email`, " .
+ "`ICQ`, " . "`jabber`, " .
+ "`Size`, " . "`Passwort`, " .
+ "`Art` , " . "`kommentar`, " .
+ "`Hometown`," . "`CreateDate` ) " .
+ "VALUES ( " .
+ "'" . $_POST["Nick"] . "', " . "'" . $_POST["Name"] . "', " .
+ "'" . $_POST["Vorname"] . "', " . "'" . $_POST["Alter"] . "', " .
+ "'" . $_POST["Telefon"] . "', " . "'" . $_POST["DECT"] . "', " .
+ "'" . $_POST["Handy"] . "', " . "'" . $_POST["email"] . "', " .
+ "'" . $_POST["ICQ"] . "', " . "'" . $_POST["jabber"] . "', " .
+ "'" . $_POST["Size"] . "', " . "'" . $_POST["Passwort"] . "', " .
+ "'" . $_POST["Art"] . "', " . "'" . $_POST["kommentar"] . "', " .
+ "'" . $_POST["Hometown"] . "'," . "NOW())");
+
+ if ($Erg != 1) {
+ $html .= Get_Text("makeuser_error_write1") . "
\n";
+ $error = sql_error();
+ } else {
+ $html .= "" . Get_Text("makeuser_writeOK") . "\n";
+
+ $SQL2 = "SELECT `UID` FROM `User` WHERE `Nick`='" . $_POST["Nick"] . "';";
+ $Erg2 = mysql_query($SQL2, $con);
+ $Data = mysql_fetch_array($Erg2);
+
+ $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('" . $Data["UID"] . "');";
+ $Erg3 = mysql_query($SQL3, $con);
+
+ if ($Erg3 != 1) {
+ $html .= "
" . Get_Text("makeuser_error_write2") . "
\n";
+ $error = mysql_error($con);
+ } else {
+ $html .= Get_Text("makeuser_writeOK2") . "
\n";
+ $html .= "" . Get_Text("makeuser_writeOK3") . "
\n";
+ }
+
+ $html .= Get_Text("makeuser_writeOK4") . "
\n
\n";
+ $success = "any";
+
+ if (isset ($SubscribeMailinglist)) {
+ if ($_POST["subscribe-mailinglist"] == "") {
+ $headers = "From: " . $_POST["email"] . "\r\n" .
+ "X-Mailer: PHP/" . phpversion();
+ mail($SubscribeMailinglist, "subject", "message", $headers);
+ }
+ }
+ }
+ }
+
+ if (isset ($error))
+ $html .= error($error);
+ } else {
+ // init vars
+ $_POST["Nick"] = "";
+ $_POST["Name"] = "";
+ $_POST["Vorname"] = "";
+ $_POST["Alter"] = "";
+ $_POST["Telefon"] = "";
+ $_POST["DECT"] = "";
+ $_POST["Handy"] = "";
+ $_POST["email"] = "";
+ $_POST["subscribe-mailinglist"] = "";
+ $_POST["ICQ"] = "";
+ $_POST["jabber"] = "";
+ $_POST["Size"] = "L";
+ $_POST["Art"] = "";
+ $_POST["kommentar"] = "";
+ $_POST["Hometown"] = "";
+ }
+
+ if ($success == "none") {
+ $html .= "" . Get_Text("makeuser_text0") . "
\n";
+ $html .= "" . Get_Text("makeuser_text1") . "
\n";
+ $html .= "\n";
+ $html .= Get_Text("makeuser_text3");
+ }
+ return $html;
+}
+
+function guest_logout() {
+ unset ($_SESSION['uid']);
+ header("Location: " . page_link_to("start"));
+}
+
+function guest_login() {
+ global $user;
+ unset ($_SESSION['uid']);
+
+ $html = "";
+ if (isset ($_REQUEST['login_submit'])) {
+ $login_user = sql_select("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($_REQUEST["user"]) . "'");
+
+ if (count($login_user) == 1) { // Check, ob User angemeldet wird...
+ $login_user = $login_user[0];
+ if ($login_user["Passwort"] == PassCrypt($_REQUEST["password"])) { // Passwort ok...
+ $_SESSION['uid'] = $login_user['UID'];
+ $_SESSION['Sprache'] = $login_user['Sprache'];
+ header("Location: " . page_link_to("news"));
+ } else { // Passwort nicht ok...
+ $ErrorText = "pub_index_pass_no_ok";
+ } // Ende Passwort-Check
+ } else { // Anzahl der User in User-Tabelle <> 1 --> keine Anmeldung
+ if ($user_anz == 0)
+ $ErrorText = "pub_index_User_unset";
+ else
+ $ErrorText = "pub_index_User_more_as_one";
+ } // Ende Check, ob User angemeldet wurde}
+ }
+ if (isset ($ErrorText))
+ $html .= error(Get_Text($ErrorText));
+ $html .= guest_login_form();
+ return $html;
+}
+
+function guest_login_form() {
+ return template_render("../templates/guest_login_form.html", array (
+ 'link' => page_link_to("login"),
+ 'nick' => Get_Text("index_lang_nick"),
+ 'pass' => Get_Text("index_lang_pass"),
+ 'send' => Get_Text("index_lang_send")
+ ));
+}
+?>
\ No newline at end of file
diff --git a/includes/pages/guest_start.php b/includes/pages/guest_start.php
new file mode 100644
index 00000000..286511f2
--- /dev/null
+++ b/includes/pages/guest_start.php
@@ -0,0 +1,13 @@
+" . Get_Text("index_text1") . "\n";
+ $html .= "" . Get_Text("index_text2") . "
\n";
+ $html .= "" . Get_Text("index_text3") . "
\n";
+
+ $html .= guest_login_form();
+
+ $html .= "" . Get_Text("index_text4") . "
";
+ return $html;
+}
+?>
\ No newline at end of file
diff --git a/includes/sys_auth.php b/includes/sys_auth.php
new file mode 100644
index 00000000..1c15122e
--- /dev/null
+++ b/includes/sys_auth.php
@@ -0,0 +1,47 @@
+ 0) {
+ // User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
+ list ($user) = $user;
+ sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . $_SESSION['uid'] . "' LIMIT 1;");
+ } else
+ unset ($_SESSION['uid']);
+ }
+
+ load_privileges();
+}
+
+function load_privileges() {
+ global $privileges, $user;
+
+ $privileges = array ();
+ if (isset ($user)) {
+ $user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user['UID']) . ";");
+ foreach ($user_privs as $user_priv)
+ $privileges[] = $user_priv['name'];
+ } else {
+ $guest_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=-1;");
+ foreach ($guest_privs as $guest_priv)
+ $privileges[] = $guest_priv['name'];
+ }
+}
+
+function PassCrypt($passwort) {
+ global $crypt_system;
+
+ switch ($crypt_system) {
+ case "crypt" :
+ return "{crypt}" . crypt($passwort, "77");
+ case "md5" :
+ return md5($passwort);
+ }
+}
+?>
\ No newline at end of file
diff --git a/includes/funktion_lang.php b/includes/sys_lang.php
similarity index 81%
rename from includes/funktion_lang.php
rename to includes/sys_lang.php
index 3e26ea33..833d00b8 100644
--- a/includes/funktion_lang.php
+++ b/includes/sys_lang.php
@@ -16,7 +16,6 @@ function Get_Text($TextID, $NoError = false) {
return (@ mysql_result($Erg, 0, "Text"));
elseif ($NoError && !$debug) return "";
else {
- array_push($error_messages, "Get_Text, '$TextID' found " . mysql_num_rows($Erg) . "x in Sprache Database Table for Language (" . $_SESSION['Sprache'] . ")\n");
return "Error Data, '$TextID' found " . mysql_num_rows($Erg) . "x";
}
}
diff --git a/includes/sys_menu.php b/includes/sys_menu.php
new file mode 100644
index 00000000..8c993d1b
--- /dev/null
+++ b/includes/sys_menu.php
@@ -0,0 +1,72 @@
+' . Get_Text('/') . '
';
+ foreach ($menu_items as $item)
+ $menu .= '- ' . Get_Text($item) . '
';
+ $menu .= '
';
+ return $menu;
+}
+
+function make_menu() {
+ return make_navigation() . make_onlineusers() . make_langselect();
+}
+
+function make_onlineusers() {
+ global $privileges, $user;
+ $html = '';
+ return $html;
+}
+
+function make_langselect() {
+ if (strpos($_SERVER["REQUEST_URI"], "?") > 0)
+ $URL = $_SERVER["REQUEST_URI"] . "&SetLanguage=";
+ else
+ $URL = $_SERVER["REQUEST_URI"] . "?SetLanguage=";
+
+ $html = '';
+ $html .= '
';
+ return '';
+}
+?>
\ No newline at end of file
diff --git a/includes/sys_mysql.php b/includes/sys_mysql.php
new file mode 100644
index 00000000..c076be7c
--- /dev/null
+++ b/includes/sys_mysql.php
@@ -0,0 +1,61 @@
+
diff --git a/includes/sys_page.php b/includes/sys_page.php
new file mode 100644
index 00000000..ab8b05e2
--- /dev/null
+++ b/includes/sys_page.php
@@ -0,0 +1,9 @@
+' . $msg . '';
+}
+
+function success($msg) {
+ return '' . $msg . '
';
+}
+?>
\ No newline at end of file
diff --git a/includes/sys_template.php b/includes/sys_template.php
new file mode 100644
index 00000000..ab613c07
--- /dev/null
+++ b/includes/sys_template.php
@@ -0,0 +1,17 @@
+ $content) {
+ $template = str_replace("%" . $name . "%", $content, $template);
+ }
+ return $template;
+ } else {
+ die('Cannot find template file «' . $file . '».');
+ }
+}
+?>
\ No newline at end of file
diff --git a/templates/guest_credits.html b/templates/guest_credits.html
new file mode 100644
index 00000000..a248d431
--- /dev/null
+++ b/templates/guest_credits.html
@@ -0,0 +1,12 @@
+The angelsystem has been (re)done by:
+
+ -
+ ?
+
+ -
+ helios
+
+ -
+ msquare
+
+
diff --git a/templates/guest_login_form.html b/templates/guest_login_form.html
new file mode 100644
index 00000000..c0cef263
--- /dev/null
+++ b/templates/guest_login_form.html
@@ -0,0 +1,22 @@
+
\ No newline at end of file
diff --git a/templates/layout.html b/templates/layout.html
new file mode 100644
index 00000000..0eb67e5b
--- /dev/null
+++ b/templates/layout.html
@@ -0,0 +1,42 @@
+
+
+
+ %title% - Engelsystem
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
%title%
+
+ %content%
+
+
+
+
+
+
diff --git a/www-ssl/credits.php b/www-ssl/credits.php
deleted file mode 100644
index bbfa747d..00000000
--- a/www-ssl/credits.php
+++ /dev/null
@@ -1,18 +0,0 @@
-
-The angelsystem has been (re)done by:
-
-
diff --git a/www-ssl/css/base.css b/www-ssl/css/base.css
index 6c0bc298..808fb512 100644
--- a/www-ssl/css/base.css
+++ b/www-ssl/css/base.css
@@ -81,8 +81,16 @@ nav {
padding: 10px;
}
+p {
+ padding: 0 0 10px 0;
+}
+
+#menu p {
+ padding: 4px;
+}
+
a.sprache img {
- margin: 5px;
+ margin-right: 5px;
}
.background {
@@ -96,3 +104,11 @@ a.sprache img {
.content {
background: #fff;
}
+
+.error {
+ color: #f00;
+}
+
+.success {
+ color: #090;
+}
diff --git a/www-ssl/index.php b/www-ssl/index.php
index cdec1559..5126981c 100644
--- a/www-ssl/index.php
+++ b/www-ssl/index.php
@@ -1,17 +1,73 @@
" . Get_Text("index_text1") . "\n";
-echo "" . Get_Text("index_text2") . "
\n";
-echo "" . Get_Text("index_text3") . "
\n";
+session_start();
-include "includes/login_eingabefeld.php";
+sql_connect($config['host'], $config['user'], $config['pw'], $config['db']);
-echo "" . Get_Text("index_text4") . "
";
+load_auth();
-include "includes/footer.php";
+// Gewünschte Seite/Funktion
+$p = "start";
+if (isset ($_REQUEST['p']))
+ $p = $_REQUEST['p'];
+
+$title = Get_Text($p);
+$content = "";
+
+// Recht dafür vorhanden?
+if (in_array($p, $privileges)) {
+ if ($p == "news") {
+ //require_once ('includes/pages/user_news.php');
+ $content = "news";
+ }
+ elseif ($p == "login") {
+ require_once ('includes/pages/guest_login.php');
+ $content = guest_login();
+ }
+ elseif ($p == "register") {
+ require_once ('includes/pages/guest_login.php');
+ $content = guest_register();
+ }
+ elseif ($p == "logout") {
+ require_once ('includes/pages/guest_login.php');
+ $content = guest_logout();
+ } else {
+ require_once ('includes/pages/guest_start.php');
+ $content = guest_start();
+ }
+}
+elseif ($p == "credits") {
+ require_once ('includes/pages/guest_credits.php');
+ $content = guest_credits();
+}
+elseif ($p == "faq") {
+ require_once ('includes/pages/guest_faq.php');
+ $content = guest_faq();
+} else {
+ // Wenn schon eingeloggt, keine-Berechtigung-Seite anzeigen
+ if (isset ($user)) {
+ $title = Get_Text("no_access_title");
+ $content = Get_Text("no_access_text");
+ } else {
+ // Sonst zur Loginseite leiten
+ header("Location: " . page_link_to("login"));
+ }
+}
+
+echo template_render('../templates/layout.html', array (
+ 'theme' => isset ($user) ? $user['color'] : $default_theme,
+ 'title' => $title,
+ 'menu' => make_menu(),
+ 'content' => $content
+));
?>